WhatsApp use has grown rapidly in recent years, allowing users to send text messages, voice, and video over an internet connection safe in the knowledge that third parties cannot intercept their correspondence without somehow breaking the end-to-end encryption used by the app.
The app is a boon for the security conscious, the socially vulnerable, and those with something to hide, such as rogue politicians. Of course, an app owned by a large corporate entity, in this case Meta (formerly Facebook) will be subject to legal pressure in the USA when it comes to allowing law enforcement access to those encrypted messages. Elsewhere those seeking to undertake criminal investigation may need a warrant to allow them to crack in order to obtain evidence for a prosecution or public inquiry, for instance.
Research in the International Journal of Electronic Security and Digital Forensics, offers a way to overcome this significant obstacle in obtaining admissible evidence from Whatsapp for use in court. The work could lead to fewer inconclusive investigations and more successful criminal prosecutions.
The new algorithmic approach to Whatsapp forensics developed by Aritro Sengupta and Amit Singh of India’s Ministry of Electronics and Information Technology in New Delhi and B.M. Vinjit of the National Institute of Technology in Haryana, India, sidesteps the specific hardware and software specifications of a mobile phone and allows Whatsapp data to be recovered from any device and even those seized phones that would not normally succumb to conventional forensic analysis. Moreover, the forensic analysis leaves no digital footprint and so does not compromise the evidence.
The demonstration suggests that law enforcement agencies and forensic investigators now have a forensically sound method of extracting WhatsApp data, streamlining their investigations, and bolstering their ability to build a strong case. The team will continue developing their forensic tools so that they might also be used with messenger apps other than Whatsapp.
Sengupta, A., Singh, A. and Vinjit, B.M. (2023) ‘A platform independent and forensically sound method to extract WhatsApp data from mobile phones’, Int. J. Electronic Security and Digital Forensics, Vol. 15, No. 3, pp.259–280.